Sub SaveUserCookie()
 Dim S_syskey,Password,usercookies,TruePassWord,userclass,Userhidden
 
 S_syskey = Request.QueryString("syskey")
 UserName = Newasp.CheckBadstr(Request.QueryString("UserName"))
 Password = Request.QueryString("Password")
 usercookies = Request.QueryString("savecookie")
 If UserName="" or S_syskey="" Then Exit Sub
 Dim NewMd5,OldMd5
 NewMd5 = Md5(UserName & API_ConformKey)
 Md5OLD = 1
 OldMd5 = Md5(UserName & API_ConformKey)
 Md5OLD = 0
 If Not (S_syskey=NewMd5 or S_syskey=OldMd5) Then
  Exit Sub
 End If
 If usercookies="" or Not IsNumeric(usercookies) Then usercookies = 0
 
 '用户退出
 If Password = "" Then
  Response.Cookies(Newasp.Cookies_Name).path = "/"
  Response.Cookies(Newasp.Cookies_Name)("userid") = ""
  Response.Cookies(Newasp.Cookies_Name)("username") = ""
  Response.Cookies(Newasp.Cookies_Name)("password") = ""
  Response.Cookies(Newasp.Cookies_Name)("nickname") = ""
  Response.Cookies(Newasp.Cookies_Name)("UserGrade") = ""
  Response.Cookies(Newasp.Cookies_Name)("UserGroup") = ""
  Response.Cookies(Newasp.Cookies_Name)("UserClass") = ""
  Response.Cookies(Newasp.Cookies_Name)("UserToday") = ""
  Response.Cookies(Newasp.Cookies_Name)("usercookies") = ""
  Response.Cookies(Newasp.Cookies_Name)("LastTimeDate") = ""
  Response.Cookies(Newasp.Cookies_Name)("LastTimeIP") = ""
  Response.Cookies(Newasp.Cookies_Name)("LastTime") = ""
  Response.Cookies(Newasp.Cookies_Name) = ""
  Exit Sub
 End If
 ChkUserLogin username,password,usercookies
End Sub

Function ChkUserLogin(username,password,usercookies)
 ChkUserLogin = False
 Dim Rs,SQL,Group_Setting
 
 If Not IsObject(Conn) Then ConnectionDatabase
 Set Rs = Server.CreateObject("ADODB.Recordset")
 SQL = "SELECT * FROM [NC_User] WHERE username='" & UserName & "'"
 Rs.Open SQL, Conn, 1, 3
 If Not (Rs.BOF And Rs.EOF) Then
  If password <> Rs("password") Then
   ChkUserLogin = False
   Exit Function
  End If
  If Rs("UserLock") <> 0 Then
   ChkUserLogin = False
   Exit Function
  End If
  Response.Cookies(Newasp.Cookies_Name)("LastTimeDate") = Rs("LastTime")
  Response.Cookies(Newasp.Cookies_Name)("LastTimeIP") = Rs("userlastip")
  Response.Cookies(Newasp.Cookies_Name)("LastTime") = Rs("LastTime")
  Group_Setting=Split(Newasp.UserGroupSetting(Rs("UserGrade")), "|||")
  If Rs("userpoint") < 0 Then
   Rs("userpoint") = CLng(Group_Setting(25))
  Else
   Rs("userpoint") = Rs("userpoint") CLng(Group_Setting(25))
  End If
  If Rs("experience") < 0 Then
   Rs("experience") = CLng(Group_Setting(32))
  Else
   Rs("experience") = Rs("experience") CLng(Group_Setting(32))
  End If
  If Rs("charm") < 0 Then
   Rs("charm") = CLng(Group_Setting(33))
  Else
   Rs("charm") = Rs("charm") CLng(Group_Setting(33))
  End If
  Rs("LastTime") = Now()
  Rs("userlastip") = Newasp.GetUserip
  Rs("UserLogin") = Rs("UserLogin") 1
  Rs.Update
  
  Select Case usercookies
  Case 0
   Response.Cookies(Newasp.Cookies_Name)("usercookies") = usercookies
  Case 1
   Response.Cookies(Newasp.Cookies_Name).Expires=Date 1
   Response.Cookies(Newasp.Cookies_Name)("usercookies") = usercookies
  Case 2
   Response.Cookies(Newasp.Cookies_Name).Expires=Date 31
   Response.Cookies(Newasp.Cookies_Name)("usercookies") = usercookies
  Case 3
   Response.Cookies(Newasp.Cookies_Name).Expires=Date 365
   Response.Cookies(Newasp.Cookies_Name)("usercookies") = usercookies
  End Select
  Response.Cookies(Newasp.Cookies_Name).path = "/"
  Response.Cookies(Newasp.Cookies_Name)("userid") = Rs("userid")
  Response.Cookies(Newasp.Cookies_Name)("username") = Rs("username")
  Response.Cookies(Newasp.Cookies_Name)("password") = Rs("password")
  Response.Cookies(Newasp.Cookies_Name)("nickname") = Rs("nickname")
  Response.Cookies(Newasp.Cookies_Name)("UserGrade") = Rs("UserGrade")
  Response.Cookies(Newasp.Cookies_Name)("UserGroup") = Rs("UserGroup")
  Response.Cookies(Newasp.Cookies_Name)("UserClass") = Rs("UserClass")
  Response.Cookies(Newasp.Cookies_Name)("UserToday") = Rs("UserToday")
  ChkUserLogin = True
 End If
 Rs.Close
 Set Rs = Nothing
End Function